Vulnerability management is a set of processes and technologies that establishes and maintains a security configuration baseline to discover, prioritize and mitigate exposures.

Effectively managing vulnerabilities is really about patching, updating software, hardening configurations and implementing technical policies on IT assets.

Organizations do vulnerability management to:

1. Fix faults in the software affecting security, performance or functionality.
2. Alter functionality or to address a new security threat, such as by updating an antivirus signature.
3. Change a software configuration to make it less susceptible to attack, run faster or improve functionality.
4. Use most effective means to thwart attacks by automated worms.

The penetration testing practice is used to find vulnerabilities that an attacker could exploit testing a computer system, network or Web Application.